From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 1 Aug 2024 17:36:00 +0000 (+0200)
Subject: Do not implicitly start connection with SSL_handle_events() or SSL_poll()
X-Git-Tag: openssl-3.4.0-alpha1~242
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ca1d2db291530a827555b40974ed81efb91c2d19;p=thirdparty%2Fopenssl.git

Do not implicitly start connection with SSL_handle_events() or SSL_poll()

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25069)
---

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index f6ddba43c5d..539d6d9b789 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -1065,7 +1065,8 @@ int ossl_quic_handle_events(SSL *s)
         return 0;
 
     quic_lock(ctx.qc);
-    ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
+    if (ctx.qc->started)
+        ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
     quic_unlock(ctx.qc);
     return 1;
 }
@@ -4100,6 +4101,13 @@ int ossl_quic_conn_poll_events(SSL *ssl, uint64_t events, int do_tick,
 
     quic_lock(ctx.qc);
 
+    if (!ctx.qc->started) {
+        /* We can only try to write on non-started connection. */
+        if ((events & SSL_POLL_EVENT_W) != 0)
+            revents |= SSL_POLL_EVENT_W;
+        goto end;
+    }
+
     if (do_tick)
         ossl_quic_reactor_tick(ossl_quic_channel_get_reactor(ctx.qc->ch), 0);
 
@@ -4149,6 +4157,7 @@ int ossl_quic_conn_poll_events(SSL *ssl, uint64_t events, int do_tick,
             revents |= SSL_POLL_EVENT_OSU;
     }
 
+ end:
     quic_unlock(ctx.qc);
     *p_revents = revents;
     return 1;